Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2025-004133
sonatype-2025-004133
Malicious Packages - Tue Oct 14 2025 [Info Stealer/Host Data]
Published Oct 14, 2025
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-48405.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-48406.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-48407.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-48408.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-48411.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-48412.json
CVSS Score
Medium
5.3
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
company-access-pending
0.0.1-security
npm
company-access-pending
999.0.1
npm
company-logo
0.0.1-security
npm
company-logo
999.0.1
npm
company-overview
0.0.1-security
npm
company-overview
999.0.1
npm
company-request-access
0.0.1-security
npm
company-request-access
999.0.1
npm
private-callout-queue
0.0.1-security
npm
private-callout-queue
999.0.1
npm
private-callouts
0.0.1-security
npm
private-callouts
999.0.1
npm
undelete
1.1.0
npm
undelete
1.1.1
1-14 of 14
sonatype-2025-004133 | Components Impacted | Sonatype Guide | Sonatype Guide
